Samsung: >> Galaxy Store >> 4.5.41.8 Security Vulnerabilities
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-12-05
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-08-10
Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-26
InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-05-26
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-05-26
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
CVSS Score
7.8
EPSS Score
0.026
Published
2023-02-09
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
CVSS Score
6.2
EPSS Score
0.105
Published
2023-02-09
Page 2